5

I want to decrypt a message with an RSA public key using PyCrypto. I am using the code below but getting a "no private key" error. What should be changed in the code below?

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
import base64
licence_key="bla bla"
licence_key_in_bytes=licence_key.encode("utf-8")
encrypted=base64.b16decode(licence_key_in_bytes)
key = open("public_key", "r").read() 
rsakey = RSA.importKey(key)
rsakey = PKCS1_OAEP.new(rsakey)
decrypted_message= rsakey.decrypt(encrypted)
alizx
  • 2
    The API assumes that you encrypt with the public key and decrypt with the private key. That's the way PKI usually works. If you really want to reverse the process you might need to write your own Python API. – Jonathan Ben-Avraham Nov 23 '13 at 16:01
  • Am I doing something unusual? – alizx Nov 23 '13 at 16:06
  • 2
    Yes. The usual use is that you distribute a public key with which anyone can encrypt a message and send it to you, and only you can decrypt the message with your private key. Remember that the RSA private key *includes* the public key. That is, if you have the private key then you have the public key, but not the converse. I suggest that you do some basic reading about how public key encryption works. – Jonathan Ben-Avraham Nov 23 '13 at 20:13
  • I'm trying to create a license key like BASE32(CONCAT(DATA, PRIVATE_KEY_ENCRYPTED(HASH(DATA)))) for my application, so what should I do now? – alizx Nov 23 '13 at 21:10
  • 1
    Sounds like you want to sign, not encrypt. Those are different concepts. If you only have the public key, you cannot sign (or decrypt). Also note that binary (bytes) is not the same as hexadecimals, so calling b16decode does not make sense... – Maarten Bodewes Nov 24 '13 at 02:26
  • @owlstead: I encrypt it with my private key and I want to decrypt that inside the client application. http://stackoverflow.com/questions/599837/how-to-generate-and-validate-a-software-license-key – alizx Nov 24 '13 at 13:06
  • The problem is that a public key allows for a larger range of values than a private key (the public exponent may be small or large, the private exponent should always be near the key size). Furthermore, sign and decryption may have more protection as they expect the private key. Finally, RSA encryption uses a different padding mechanism for encryption than for signing. Simply encrypting a hash is not the same as signing... – Maarten Bodewes Nov 24 '13 at 13:14

1 Answer

3

Encryption (providing confidentiality)

  • If you want to encrypt/decrypt in the same application, then you simply should swap the public key and the private key.
  • Encryption is always performed by the public key, decryption by the private key.
  • RSA does not have any security if you do it the other way around.
  • If you know the private key then a public key with a small public exponent can be easily guessed by an attacker.

Signature generation (providing authenticity & integrity)

  • From the code however it seems you want to sign a message, but you are using an algorithm (RSA OAEP) that has been designed explicitly for encryption.
  • Unfortunately both concepts are not compatible. First of all, the OAEP padding mechanism is not compatible with the one for signing.

Furthermore, there may be differences in handling the keys

  • The library will handle private key operations differently from public key operations.
      • Private keys require security, such as protection against side channel attacks.
  • Note that a public key allows for a larger range of values than a private key (the public exponent may be small or large, the private exponent should always be near the key size).

So the components of a private key will always match those of a public key. But as public keys normally have a small public exponent, public keys may not always be accepted as private keys.

  • The only good solution is to replace your own signing operation with the correct one.
      • Fortunately Python handles PSS signing operations, take a look at the documentation here, which helpfully contains sample code.
Amarnath Balasubramanian
Maarten Bodewes
  • OK gave answer for both encryption & signature generation. You choose, but think carefully what you want to achieve :) – Maarten Bodewes Nov 24 '13 at 13:30
  • I want to do these steps: Generate your own key pair (sn.exe). Make a hash from username etc. Encode the hash with your private key. Ship the public key with your program, no need to hide it. At runtime, decode the hash with the public key and compare with a locally generated version. – alizx Nov 24 '13 at 13:40
  • 1
    If you don't want to hide the username etc. then you are describing a sign / verify operation. – Maarten Bodewes Nov 24 '13 at 13:45